AlkantarClanX12
Current Path : /home/thanudqk/www/wp-content/plugins/w3-total-cache/lib/Minify/Minify/Controller/ |
Current File : //home/thanudqk/www/wp-content/plugins/w3-total-cache/lib/Minify/Minify/Controller/Version1.php |
<?php /** * File: Version1.php * * NOTE: Fixes have been included in this file; look for "W3TC FIX". */ namespace W3TCL\Minify; /** * Class Minify_Controller_Version1 * @package Minify */ /** * Controller class for emulating version 1 of minify.php (mostly a proof-of-concept) * * <code> * Minify::serve('Version1'); * </code> * * @package Minify * @author Stephen Clay <steve@mrclay.org> */ class Minify_Controller_Version1 extends Minify_Controller_Base { /** * Set up groups of files as sources * * @param array $options controller and Minify options * @return array Minify options * */ public function setupSources($options) { // PHP insecure by default: realpath() and other FS functions can't handle null bytes. if (isset($_GET['files'])) { $_GET['files'] = str_replace("\x00", '', (string) sanitize_text_field( wp_unslash( $_GET['files'] ) ) ); } self::_setupDefines(); if (MINIFY_USE_CACHE) { $cacheDir = defined('MINIFY_CACHE_DIR') ? MINIFY_CACHE_DIR : ''; Minify::setCache($cacheDir); } $options['badRequestHeader'] = 'HTTP/1.0 404 Not Found'; $options['contentTypeCharset'] = MINIFY_ENCODING; // The following restrictions are to limit the URLs that minify will // respond to. Ideally there should be only one way to reference a file. $files = isset( $_GET['files'] ) ? sanitize_text_field( wp_unslash( $_GET['files'] ) ) : ''; if (! isset($files) // verify at least one file, files are single comma separated, // and are all same extension || ! preg_match('/^[^,]+\\.(css|js)(,[^,]+\\.\\1)*$/', $files, $m) // no "//" (makes URL rewriting easier) || strpos($files, '//') !== false // no "\" || strpos($files, '\\') !== false // no "./" || preg_match('/(?:^|[^\\.])\\.\\//', $files) ) { return $options; } $files = explode(',', $files); if (count($files) > MINIFY_MAX_FILES) { return $options; } // W3TC FIX: Override $_SERVER['DOCUMENT_ROOT'] if enabled in settings. $docroot = \W3TC\Util_Environment::document_root(); // strings for prepending to relative/absolute paths $prependRelPaths = dirname( isset( $_SERVER['SCRIPT_FILENAME'] ) ? sanitize_text_field( wp_unslash( $_SERVER['SCRIPT_FILENAME'] ) ) : '' ) . DIRECTORY_SEPARATOR; $prependAbsPaths = $docroot; $goodFiles = array(); $hasBadSource = false; $allowDirs = isset($options['allowDirs']) ? $options['allowDirs'] : MINIFY_BASE_DIR; foreach ($files as $file) { // prepend appropriate string for abs/rel paths $file = ($file[0] === '/' ? $prependAbsPaths : $prependRelPaths) . $file; // make sure a real file! $file = realpath($file); // don't allow unsafe or duplicate files if (parent::_fileIsSafe($file, $allowDirs) && !in_array($file, $goodFiles)) { $goodFiles[] = $file; $srcOptions = array( 'filepath' => $file ); $this->sources[] = new Minify_Source($srcOptions); } else { $hasBadSource = true; break; } } if ($hasBadSource) { $this->sources = array(); } if (! MINIFY_REWRITE_CSS_URLS) { $options['rewriteCssUris'] = false; } return $options; } private static function _setupDefines() { // W3TC FIX: Override $_SERVER['DOCUMENT_ROOT'] if enabled in settings. $docroot = \W3TC\Util_Environment::document_root(); $defaults = array( 'MINIFY_BASE_DIR' => realpath($docroot) ,'MINIFY_ENCODING' => 'utf-8' ,'MINIFY_MAX_FILES' => 16 ,'MINIFY_REWRITE_CSS_URLS' => true ,'MINIFY_USE_CACHE' => true ); foreach ($defaults as $const => $val) { if (! defined($const)) { define($const, $val); } } } }